1  // Copyright 2010 Google LLC
  2  //
  3  // Redistribution and use in source and binary forms, with or without
  4  // modification, are permitted provided that the following conditions are
  5  // met:
  6  //
  7  //     * Redistributions of source code must retain the above copyright
  8  // notice, this list of conditions and the following disclaimer.
  9  //     * Redistributions in binary form must reproduce the above
 10  // copyright notice, this list of conditions and the following disclaimer
 11  // in the documentation and/or other materials provided with the
 12  // distribution.
 13  //     * Neither the name of Google LLC nor the names of its
 14  // contributors may be used to endorse or promote products derived from
 15  // this software without specific prior written permission.
 16  //
 17  // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 18  // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 19  // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 20  // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 21  // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 22  // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 23  // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 24  // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 25  // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 26  // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 27  // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 28  
 29  #ifndef CLIENT_LINUX_HANDLER_EXCEPTION_HANDLER_H_
 30  #define CLIENT_LINUX_HANDLER_EXCEPTION_HANDLER_H_
 31  
 32  #include <signal.h>
 33  #include <stdint.h>
 34  #include <stdio.h>
 35  #include <sys/ucontext.h>
 36  
 37  #include <string>
 38  
 39  #include "client/linux/crash_generation/crash_generation_client.h"
 40  #include "client/linux/handler/minidump_descriptor.h"
 41  #include "client/linux/minidump_writer/minidump_writer.h"
 42  #include "common/scoped_ptr.h"
 43  #include "common/using_std_string.h"
 44  #include "google_breakpad/common/minidump_format.h"
 45  
 46  #if !defined(__ARM_EABI__) && !defined(__mips__) && !defined(__riscv)
 47  // FP state is not part of user ABI for Linux ARM.
 48  // In case of MIPS and RISCV Linux FP state is already part of ucontext_t
 49  // so 'float_state' is not required.
 50  # define GOOGLE_BREAKPAD_CRASH_CONTEXT_HAS_FLOAT_STATE 1
 51  #else
 52  # define GOOGLE_BREAKPAD_CRASH_CONTEXT_HAS_FLOAT_STATE 0
 53  #endif
 54  
 55  namespace google_breakpad {
 56  
 57  // ExceptionHandler
 58  //
 59  // ExceptionHandler can write a minidump file when an exception occurs,
 60  // or when WriteMinidump() is called explicitly by your program.
 61  //
 62  // To have the exception handler write minidumps when an uncaught exception
 63  // (crash) occurs, you should create an instance early in the execution
 64  // of your program, and keep it around for the entire time you want to
 65  // have crash handling active (typically, until shutdown).
 66  // (NOTE): There should be only be one this kind of exception handler
 67  // object per process.
 68  //
 69  // If you want to write minidumps without installing the exception handler,
 70  // you can create an ExceptionHandler with install_handler set to false,
 71  // then call WriteMinidump.  You can also use this technique if you want to
 72  // use different minidump callbacks for different call sites.
 73  //
 74  // In either case, a callback function is called when a minidump is written,
 75  // which receives the full path or file descriptor of the minidump.  The
 76  // caller can collect and write additional application state to that minidump,
 77  // and launch an external crash-reporting application.
 78  //
 79  // Caller should try to make the callbacks as crash-friendly as possible,
 80  // it should avoid use heap memory allocation as much as possible.
 81  
 82  class ExceptionHandler {
 83   public:
 84    // A callback function to run before Breakpad performs any substantial
 85    // processing of an exception.  A FilterCallback is called before writing
 86    // a minidump.  |context| is the parameter supplied by the user as
 87    // callback_context when the handler was created.
 88    //
 89    // If a FilterCallback returns true, Breakpad will continue processing,
 90    // attempting to write a minidump.  If a FilterCallback returns false,
 91    // Breakpad  will immediately report the exception as unhandled without
 92    // writing a minidump, allowing another handler the opportunity to handle it.
 93    typedef bool (*FilterCallback)(void* context);
 94  
 95    // A callback function to run after the minidump has been written.
 96    // |descriptor| contains the file descriptor or file path containing the
 97    // minidump. |context| is the parameter supplied by the user as
 98    // callback_context when the handler was created.  |succeeded| indicates
 99    // whether a minidump file was successfully written.
100    //
101    // If an exception occurred and the callback returns true, Breakpad will
102    // treat the exception as fully-handled, suppressing any other handlers from
103    // being notified of the exception.  If the callback returns false, Breakpad
104    // will treat the exception as unhandled, and allow another handler to handle
105    // it. If there are no other handlers, Breakpad will report the exception to
106    // the system as unhandled, allowing a debugger or native crash dialog the
107    // opportunity to handle the exception.  Most callback implementations
108    // should normally return the value of |succeeded|, or when they wish to
109    // not report an exception of handled, false.  Callbacks will rarely want to
110    // return true directly (unless |succeeded| is true).
111    typedef bool (*MinidumpCallback)(const MinidumpDescriptor& descriptor,
112                                     void* context,
113                                     bool succeeded);
114  
115    // In certain cases, a user may wish to handle the generation of the minidump
116    // themselves. In this case, they can install a handler callback which is
117    // called when a crash has occurred. If this function returns true, no other
118    // processing of occurs and the process will shortly be crashed. If this
119    // returns false, the normal processing continues.
120    typedef bool (*HandlerCallback)(const void* crash_context,
121                                    size_t crash_context_size,
122                                    void* context);
123  
124    // Creates a new ExceptionHandler instance to handle writing minidumps.
125    // Before writing a minidump, the optional |filter| callback will be called.
126    // Its return value determines whether or not Breakpad should write a
127    // minidump.  The minidump content will be written to the file path or file
128    // descriptor from |descriptor|, and the optional |callback| is called after
129    // writing the dump file, as described above.
130    // If install_handler is true, then a minidump will be written whenever
131    // an unhandled exception occurs.  If it is false, minidumps will only
132    // be written when WriteMinidump is called.
133    // If |server_fd| is valid, the minidump is generated out-of-process.  If it
134    // is -1, in-process generation will always be used.
135    ExceptionHandler(const MinidumpDescriptor& descriptor,
136                     FilterCallback filter,
137                     MinidumpCallback callback,
138                     void* callback_context,
139                     bool install_handler,
140                     const int server_fd);
141    ~ExceptionHandler();
142  
143    const MinidumpDescriptor& minidump_descriptor() const {
144      return minidump_descriptor_;
145    }
146  
147    void set_minidump_descriptor(const MinidumpDescriptor& descriptor) {
148      minidump_descriptor_ = descriptor;
149    }
150  
151    void set_crash_handler(HandlerCallback callback) {
152      crash_handler_ = callback;
153    }
154  
155    void set_crash_generation_client(CrashGenerationClient* client) {
156      crash_generation_client_.reset(client);
157    }
158  
159    // Writes a minidump immediately.  This can be used to capture the execution
160    // state independently of a crash.
161    // Returns true on success.
162    // If the ExceptionHandler has been created with a path, a new file is
163    // generated for each minidump.  The file path can be retrieved in the
164    // MinidumpDescriptor passed to the MinidumpCallback or by accessing the
165    // MinidumpDescriptor directly from the ExceptionHandler (with
166    // minidump_descriptor()).
167    // If the ExceptionHandler has been created with a file descriptor, the file
168    // descriptor is repositioned to its beginning and the previous generated
169    // minidump is overwritten.
170    // Note that this method is not supposed to be called from a compromised
171    // context as it uses the heap.
172    bool WriteMinidump();
173  
174    // Convenience form of WriteMinidump which does not require an
175    // ExceptionHandler instance.
176    static bool WriteMinidump(const string& dump_path,
177                              MinidumpCallback callback,
178                              void* callback_context);
179  
180    // Write a minidump of |child| immediately.  This can be used to
181    // capture the execution state of |child| independently of a crash.
182    // Pass a meaningful |child_blamed_thread| to make that thread in
183    // the child process the one from which a crash signature is
184    // extracted.
185    //
186    // WARNING: the return of this function *must* happen before
187    // the code that will eventually reap |child| executes.
188    // Otherwise there's a pernicious race condition in which |child|
189    // exits, is reaped, another process created with its pid, then that
190    // new process dumped.
191    static bool WriteMinidumpForChild(pid_t child,
192                                      pid_t child_blamed_thread,
193                                      const string& dump_path,
194                                      MinidumpCallback callback,
195                                      void* callback_context);
196  
197    // This structure is passed to minidump_writer.h:WriteMinidump via an opaque
198    // blob. It shouldn't be needed in any user code.
199    struct CrashContext {
200      siginfo_t siginfo;
201      pid_t tid;  // the crashing thread.
202      ucontext_t context;
203  #if GOOGLE_BREAKPAD_CRASH_CONTEXT_HAS_FLOAT_STATE
204      fpstate_t float_state;
205  #endif
206    };
207  
208    // Returns whether out-of-process dump generation is used or not.
209    bool IsOutOfProcess() const {
210      return crash_generation_client_.get() != NULL;
211    }
212  
213    // Add information about a memory mapping. This can be used if
214    // a custom library loader is used that maps things in a way
215    // that the linux dumper can't handle by reading the maps file.
216    void AddMappingInfo(const string& name,
217                        const uint8_t identifier[sizeof(MDGUID)],
218                        uintptr_t start_address,
219                        size_t mapping_size,
220                        size_t file_offset);
221  
222    // Register a block of memory of length bytes starting at address ptr
223    // to be copied to the minidump when a crash happens.
224    void RegisterAppMemory(void* ptr, size_t length);
225  
226    // Unregister a block of memory that was registered with RegisterAppMemory.
227    void UnregisterAppMemory(void* ptr);
228  
229    // Force signal handling for the specified signal.
230    bool SimulateSignalDelivery(int sig);
231  
232    // Report a crash signal from an SA_SIGINFO signal handler.
233    bool HandleSignal(int sig, siginfo_t* info, void* uc);
234  
235   private:
236    // Save the old signal handlers and install new ones.
237    static bool InstallHandlersLocked();
238    // Restore the old signal handlers.
239    static void RestoreHandlersLocked();
240  
241    void PreresolveSymbols();
242    bool GenerateDump(CrashContext* context);
243    void SendContinueSignalToChild();
244    void WaitForContinueSignal();
245  
246    static void SignalHandler(int sig, siginfo_t* info, void* uc);
247    static int ThreadEntry(void* arg);
248    bool DoDump(pid_t crashing_process, const void* context,
249                size_t context_size);
250  
251    const FilterCallback filter_;
252    const MinidumpCallback callback_;
253    void* const callback_context_;
254  
255    scoped_ptr<CrashGenerationClient> crash_generation_client_;
256  
257    MinidumpDescriptor minidump_descriptor_;
258  
259    // Must be volatile. The compiler is unaware of the code which runs in
260    // the signal handler which reads this variable. Without volatile the
261    // compiler is free to optimise away writes to this variable which it
262    // believes are never read.
263    volatile HandlerCallback crash_handler_;
264  
265    // We need to explicitly enable ptrace of parent processes on some
266    // kernels, but we need to know the PID of the cloned process before we
267    // can do this. We create a pipe which we can use to block the
268    // cloned process after creating it, until we have explicitly enabled
269    // ptrace. This is used to store the file descriptors for the pipe
270    int fdes[2] = {-1, -1};
271  
272    // Callers can add extra info about mappings for cases where the
273    // dumper code cannot extract enough information from /proc/<pid>/maps.
274    MappingList mapping_list_;
275  
276    // Callers can request additional memory regions to be included in
277    // the dump.
278    AppMemoryList app_memory_list_;
279  };
280  
281  typedef bool (*FirstChanceHandler)(int, siginfo_t*, void*);
282  void SetFirstChanceExceptionHandler(FirstChanceHandler callback);
283  
284  }  // namespace google_breakpad
285  
286  #endif  // CLIENT_LINUX_HANDLER_EXCEPTION_HANDLER_H_